Newbie here - don't hate me...
We are finding that LANDesk remote control is blocked by HIPS V8, we have also discovered that by overriding the local client and disabling the firewall LANDesk remote control does work.
We have compared how our previous HIP V7 clients were configured and we can see that two Trusted Networks have been added to the FIrewall configuration.
The question is this: If you add in a Trusted Network range does this imply that all Firewall rules do not apply to this trusted network, or is there an additional step/configuration that has to be done additonal to this?
Before we set off down the adaptive rules etc we really just want to stop the firewall being enabled if it is a known network.
Are you adding the Trusted Networks to the Trusted Network Policy or are you adding them within your firewall rule?
This is how we have done it
Policy Catologue, Product = HIPs 8(general), Catergory = Trusted networks (windows)
Policy - we renamed mydefault to name_policy
and we entered 172.26.0.0/16 and 172.24.0.0./16
and trusted both for IPS and enabled local subnets automatically
hope that makes sense
That configuration will only help you for the IPS portion of HIPS, for the firewall portion you still need to make a rule that allows the traffic in/out for your application. The quickest way to test this (I say test because you should lock down the rule more, but that's up to you) is to
01 - create a new rule for EITHER direction
02 - Specifiy remote network as "TRUSTED" (this pulls from your trusted network policy; if you don't want all in your trusted network policy, then you can add the subnet ranges instead); you will more than likely need to specifiy a local network, as well (in this case probably "Local subnet")
03 - Any Protocol
04 - Save
05 - Push out new policy/perform wake-up
06 - Test application
If application works, I'd suggest adding the application executables to the application section of the firewall rule and only allowing the specific ports needed in the transport option section.
I quickyl created the test rule so you can see the final output:
Well done my friend - easy when you know how - you have cut short three days of bad language and tantrums!
No - seriously heartfelt thanks!